Chrome and Firefox pull history-stealing browser extension

One minute that favourite browser plug-in is your friend, the next it’s quietly turned into a privacy “Chernobyl” that’s profiling your browsing in the most intimate way possible.

Browser makers should be on top of this phenomenon and yet, here we are reporting on the latest example, this time spotted by software engineer Robert Heaton.

He’d been using a Chrome and Firefox extension called Stylish for years to re-skin websites and hide their “distracting parts” such as Facebook and Twitter feeds. (Safari and Opera versions are also available.)

The problem came to his attention when he noticed Stylish had started sending obfuscated data back to its website as part of what looked like data gathering.

Sure enough, after more research:

“When I looked at the contents of the decoded payload, I realized that Stylish was exfiltrating all my browsing data.”

From inside his browser, Stylish could monitor every website he visited. Worse, because Heaton had an account login for the extension, it could relate his activity to his identity.

Stylish and SimilarWeb still have all the data they need to connect a real-world identity to a browsing history, should they or a hacker choose to.

Extensions changing owners and then picking up undesirable, unexpected behaviour isn’t a new business model, and this particular change wasn’t exactly a secret because (as Heaton readily admits) the change of ownership and its implications were widely reported at the time in the tech press.

Unaccountably, it seems browser makers didn’t pick up on the implications of the change in ownership, which is why Mozilla has this week abruptly removed Stylish from its list of Firefox Add-Ons, writing:

“We decided to block because of violation of data practices outlined in the review policy.”
